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REMARKS 

This Amendment addresses the issues outstanding from the final Office Action 
dated November 19, 2007. Applicants respectfully request favorable reconsideration of 
this application, as amended. 

By this Amendment, Applicants have amended independent Claims 7 and 14 to 
clarify the subject matter intended to be claimed. Claims 7, 8, and 14 have also been 
editorially revised for clarity. Claims 16 and 17 have been cancelled without prejudice or 
disclaimer, and Claims 1-6, 9, 13, and 15 were previously cancelled without prejudice or 
disclaimer. Claims 18 and 19 have been added to provide more comprehensive protection 
for certain features. Thus, Claims 7, 8, 10-12, 14, 18 and 19 are currently pending. 

In the Office Action, Claims 7, 10-12, 14, 16, and 17 were rejected under 35 
U.S.C. § 103(a) as allegedly being unpatentable over U.S. Patent No. 5,699,513 to Feigen 
et al. ("Feigen") in view of U.S. Patent No. 6,473,406 to Coile et al. ("Cofte")» further in 
view of U.S. Patent No. 6,678,827 to Rothermel et al. ^Rothermel"}. Claim 8 was also 
rejected under 35 U.S.C. § 103(a) as allegedly being unpatentable over Feigen, Coile, and 
Rothermel in view of U.S. Patent No. 5,845,068 to Winiger ("Winiger"). 

Without acceding to the outstanding rejections, Claim 7 now recites, inter alia, 
rerouting to the second port of the gateway machine, by ordering the network layer (CR) 
of the gateway machine, any message sent from the client network and addressed to the 
first port of the server machine, followed by deleting , by ordering the network layer (CR) 
of the gateway machine, any message sent from the client network to a third port located 
in the server machine regardless of a security level of said message sent to the third port. 
Claim 7 also now recites generating, in the gateway machine, a thread which establishes 
said first connection and a second connection at a second security level between the 
gateway machine and the third port , wherein said generating is performed in response to 
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the detection of the request addressed to the first port of the server application to establish 
said first connection, and said third port is configured to receive at least one message at a 
second security level from the gateway machine via said second connection . Support is 
provided, for example, at paragraphs [0042], [0046], and [0051]; and FIG. 5 of 
Applicants' published application. 

It is apparent that the applied references do not teach or suggest at least the above 
features. For example, the Office Action acknowledges at pages 3 and 5 that the primary 
reference, Feigen, does not teach or suggest at least the feature of deleting any message to 
a third port located in the server machine regardless of a security level of said message. 
Secondary reference Coile apparently also does not teach or suggest the above-discussed 
features of Claim 7, nor does the Office Action rely on Coile for such teaching. 
However, the Office Action alleges that Feigen 's and Coile 's failure in this regard is 
cured by the teachings found in secondary reference RothermeL 

In contrast, however, the portion of Rothermel relied on in the Office Action 
apparently teaches blocking network information from passing to or from certain port 
numbers, but is apparently silent with regards to the features of the blocked port numbers. 
See Rothermel, col. 12, lines 63-64. Thus, Rothermel is not understood to teach or 
suggest deleting , by ordering the network layer (CR) of the gateway machine, any 
message sent from the client network to a third port located in the server machine 
regardless of a security level of said message sent to the third port, wherein the third port 
is configured to receive at least one message at a second security level from the gateway 
machine via said second connection , as presently recited in Claim 7. It is further noted 
that the cited portions of Feigen and Coile also fail to provide for the third port located in 
the server machine configured to receive at least one message at a second security level 
from the gateway machine via a second connection. 
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The secondary references also do not appear to teach or suggest the above- 
discussed features. For example, secondary reference Winiger teaches discarding a 
packet if the packet security classification is not the same as or higher than the security 
classification of a destination port. See Winiger, col. 6, lines 6-9. Thus, the cited portions 
of Winiger are not understood to teach or suggest rerouting to a second port of a gateway 
machine, by ordering a network layer (CR) of the gateway machine, any message sent 
and addressed to a first port of a server machine, followed by deleting, by ordering the 
network layer (CR) of the gateway machine, any message sent to a third port located in 
the server machine regardless of a security level of said message sent to the third port, as 
recited in Claim 7. The cited portions of Winiger also fail to provide for the third port 
located in the server machine configured to receive at least one message at a second 
security level from the gateway machine via a second connection. 

Therefore, Applicants respectfully submit that independent Claim 7 distinguishes 
patentably from the applied references. 

Claim 14 has also been amended to recite, inter alia, activating, in the gateway 
machine, a secure application proxy that reroutes the messages addressed to the first port 
of the server application away from the first connection, in a way that is transparent to the 
client application, so as to establish a second connection at a second security level 
between a second port of the server application and the gateway machine , and that 
deletes, by ordering the network layer (CR) of the gateway machine, any message sent 
from the client network to the second port of the server application regardless of a 
security level of said message sent to the second port, wherein said second port is 
configured to receive at least one message at a second security level from the gateway 
machine via said second connection. 
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Therefore, Applicants respectfully submit that independent Claim 14 also 
distinguishes patentably from the applied references for at least the reasons discussed 
above with respect to Claim 7. 

The remaining claims are also believed to be patentable due to their respective 
dependence from independent Claims 7 and 14, as well as for the additional features 
recited in the remaining claims. 

In view of the foregoing, Applicants respectfully submit that this application is in 
condition for allowance. A Notice of Allowance is respectfully requested. 

Should the Examiner believe that any further action is necessary to place this 
application in better form for allowance, the Examiner is invited to contact Applicants' 
representative at the telephone number listed below. 

The Commissioner is hereby authorized to charge to Deposit Account No. 50- 
1165 (T2 147-907461) any fees under 37 C.F.R. §§ 1.16and 1.17 that may be required by 
this paper and to credit any overpayment to that Account. If any extension of time is 
required in connection with the filing of this paper and has not been separately requested, 
such extension is hereby requested. 



Respectfully submitted, 



Date: April 18, 2008 




Eric G. King 
Reg. No. 42,736 



Miles & Stockbridge, P.C. 
1751 Pinnacle Drive 
Suite 500 

McLean, Virginia 22102-3833 
Telephone: (703) 610-8647 
4818-7162-6242 



Frederick F. Rosenberger 
Reg. No. 61,404 
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